package com.lbkj.ops.common.mvc;

import com.lbkj.ops.common.exception.Http401Exception;
import com.lbkj.ops.common.exception.Http403Exception;
import com.lbkj.ops.common.util.SessionUtils;
import com.lbkj.ops.model.OpsUser;
import org.springframework.stereotype.Component;
import org.springframework.web.servlet.HandlerInterceptor;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

@Component
public class AuthInterceptor implements HandlerInterceptor {

    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) {
        final OpsUser loginUser = SessionUtils.getLoginUser();
        if(loginUser == null) {
            throw new Http401Exception();
        }
        if(request.getServletPath().startsWith("/sys")) {
            if(!"admin".equals(loginUser.getAccount())) {
                throw new Http403Exception();
            }
        }
        return true;
    }
}
